package mr.ali.video.web.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author Administrator
 */
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    UserScurityImpl userScurity;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userScurity);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                .antMatchers(
                        "/web/login.html",
                        "/web/register.html",
                        "/js/*",
                        "/vue/*",
                        "/img/*",
                        "/css/*",
                        "/bootstrap/**",
                        "/bootstrap-icons/**",
                        "/web/register"
                ).permitAll()
                .anyRequest().
                authenticated()
                .and().formLogin()
                .loginPage("/web/login.html")
                .loginProcessingUrl("/web/login")
                .defaultSuccessUrl("/web/index.html")
                .failureUrl("/web/login.html?error")
                .and().logout()
                .logoutUrl("/web/logout")
                .logoutSuccessUrl("/web/login.html?logout");
    }
}


